Information Security

Information Security is responsible for ensuring the confidentiality and data integrity of university computing assets, including university–owned computers, applications, servers, and the data residing on those devices. Information Security strives to maintain the security of university systems and data to prevent it from being used for unintended purposes by educating the campus community about security related issues, preventing the unwanted access of university records by intruders, and developing effective methods of responding to information security incidents.

Security Alerts

Android Firmware Hack (11/15/16)

Kryptowire has identified several models of Android mobile devices that contained firmware that collected sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent.

The firmware that shipped with the mobile devices and subsequent updates allowed for the remote installation of applications without the users' consent and, in some versions of the software, the transmission of fine-grained device location information. For more information or to see if your device is affected, visit Kryptowire.

Emergency Patch for Adobe Flash Player (10/28/16)

Adobe released an emergency Flash Player update in order to fix a vulnerability that attackers are taking advantage of. Hackers are targeting Flash Players on Windows 7, 8.1 and 10 systems.

Please upgrade to Flash Player 23.0.0.205 on Windows and Mac and to version 11.2.202.643 on Linux. All systems managed through SCCM and Parallels will have a patch automatically pushed. Other systems will need to be updated manually.

Please note that Google Chrome, Microsoft Edge or Internet Explorer 11 on Windows 10 and 8.1 have their own Flash player. Those should be updated automatically through those browsers' update mechanisms, so please ensure that these updates have taken place.

Yahoo Email Breach (09/22/16)

Yahoo has reported a breach of its email system. According to their report, hackers have stolen passwords and personal information. CSUN recommends that you change your Yahoo password and if you used the same or similar password for your CSUN account, then change your CSUN password as well. Your CSUN password should not be used for external sites.

iOS Security Patch Available (09/02/16)

Apple pushed out a small but critical security patch for iOS. If you use an iDevice, make sure you have the latest update by following these instructions from Sophos.

Dropbox Breach (08/31/16)

A Dropbox data breach that occurred in 2012 is still a threat to users who have not changed their password in the last four years. If you use your CSUN user ID, email address or password to access Dropbox, change your password immediately.